@tailor-platform/sdk 0.9.0 → 0.10.1

package/CHANGELOG.md

@@ -1,5 +1,60 @@
 # @tailor-platform/sdk
 
+## 0.10.1
+
+### Patch Changes
+
+- [#34](https://github.com/tailor-platform/sdk/pull/34) [`ed71900`](https://github.com/tailor-platform/sdk/commit/ed719007420794d50d26eb2a3f1f77c5bb3e60a9) Thanks [@remiposo](https://github.com/remiposo)! - Reference external resources
+
+  You can now add resources managed by Terraform or other SDK projects to your application's subgraph for shared use.
+  In this case, the resources themselves are not deployed.
+
+  ```typescript
+  defineConfig({
+    name: "ref-app",
+    db: {
+      "shared-db": { external: true },
+    },
+    resolver: { "shared-resolver": { external: true } },
+    auth: { name: "shared-auth", external: true },
+    idp: [{ name: "shared-idp", external: true }],
+  });
+  ```
+
+- [#36](https://github.com/tailor-platform/sdk/pull/36) [`00701da`](https://github.com/tailor-platform/sdk/commit/00701da46ceb9624b58c123fcf0ff19e4dc513f5) Thanks [@remiposo](https://github.com/remiposo)! - Allow specifying the path where types are generated
+
+  By default, types are generated inside `node_modules/@tailor-platform/sdk` based on env and attribute settings, but you can now change the path with `TAILOR_PLATFORM_SDK_TYPE_PATH`.
+  This is primarily an option for developers, preventing type definitions from being overridden when working with multiple SDK projects simultaneously.
+
+## 0.10.0
+
+### Minor Changes
+
+- [#25](https://github.com/tailor-platform/sdk/pull/25) [`50069ae`](https://github.com/tailor-platform/sdk/commit/50069aeebeb1c0e09cf66f660367cd26cc565f29) Thanks [@haru0017](https://github.com/haru0017)! - Define environment variables in `defineConfig()` and access them in resolvers and executors via the `env` parameter.
+
+  ```typescript
+  export default defineConfig({
+    name: "my-app",
+    env: { logLevel: "debug", cacheTtl: 3600 },
+  });
+
+  // Access in resolver
+  body: ({ input, env }) => {
+    // env.logLevel, env.cacheTtl available with full type safety
+  };
+  ```
+
+### Patch Changes
+
+- [#33](https://github.com/tailor-platform/sdk/pull/33) [`1f73bd1`](https://github.com/tailor-platform/sdk/commit/1f73bd1d7abaa0a55358086a0d1b7f7c00cccbf3) Thanks [@remiposo](https://github.com/remiposo)! - Confirm important resource deletion
+
+  Added a confirmation prompt when attempting to delete resources that would result in data loss (tailordb and staticwebsite).
+  This can be skipped with the `--yes` flag.
+
+- [#31](https://github.com/tailor-platform/sdk/pull/31) [`5fc5594`](https://github.com/tailor-platform/sdk/commit/5fc5594e0b7b1cdf72dadce505aa58a8ae2e5f4a) Thanks [@remiposo](https://github.com/remiposo)! - Make appName for the Executor's GraphQL target optional
+
+  The default value is its own application name.
+
 ## 0.9.0
 
 ### Minor Changes

package/dist/cli/api.d.mts

@@ -1,6 +1,6 @@
 /// <reference path="./../plugin-generated.d.ts" />
 
-import { AppConfig, CodeGeneratorBase, Executor, Generator, Resolver, TailorDBTypeConfig } from "../types-CPcmGK_X.mjs";
+import { AppConfig, CodeGeneratorBase, Executor, Generator, Resolver, TailorDBTypeConfig } from "../types-Dyhfh5b6.mjs";
 import "citty";
 import "zod";
 import "@bufbuild/protobuf/wkt";

package/dist/cli/api.mjs

@@ -1,4 +1,4 @@
-import { apply, generate, generateUserTypes, loadConfig, machineUserList, machineUserToken, show, workspaceCreate, workspaceDelete, workspaceList } from "../token-DwKmpi9i.mjs";
+import { apply, generate, generateUserTypes, loadConfig, machineUserList, machineUserToken, show, workspaceCreate, workspaceDelete, workspaceList } from "../token-LAqSDm3f.mjs";
 import "../auth-Di3vQUrT.mjs";
 
 export { apply, generate, generateUserTypes, loadConfig, machineUserList, machineUserToken, show, workspaceCreate, workspaceDelete, workspaceList };

package/dist/cli/index.mjs

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import { PATScope, applyCommand, commonArgs, createCommand, deleteCommand, fetchAll, fetchLatestToken, formatArgs, generateCommand, initOperatorClient, listCommand as listCommand$4, listCommand$1 as listCommand, loadAccessToken, loadConfig, loadConfigPath, loadWorkspaceId, parseFormat, printWithFormat, readPackageJson, readPlatformConfig, showCommand, tokenCommand, userAgent, withCommonArgs, writePlatformConfig } from "../token-DwKmpi9i.mjs";
+import { PATScope, applyCommand, commonArgs, createCommand, deleteCommand, fetchAll, fetchLatestToken, formatArgs, generateCommand, initOperatorClient, listCommand as listCommand$4, listCommand$1 as listCommand, loadAccessToken, loadConfig, loadConfigPath, loadWorkspaceId, parseFormat, printWithFormat, readPackageJson, readPlatformConfig, showCommand, tokenCommand, userAgent, withCommonArgs, writePlatformConfig } from "../token-LAqSDm3f.mjs";
 import "../auth-Di3vQUrT.mjs";
 import { register } from "node:module";
 import { defineCommand, runCommand, runMain } from "citty";

package/dist/configure/index.d.mts

@@ -1,5 +1,5 @@
 /// <reference path="./../plugin-generated.d.ts" />
 
-import { AuthConfig, AuthServiceInput, BuiltinIdP, ExecutorServiceConfig, ExecutorServiceInput, IDToken, IdPConfig, IdProviderConfig, OAuth2Client, OAuth2ClientGrantType, OIDC, PermissionCondition, QueryType, Resolver, ResolverServiceConfig, ResolverServiceInput, SAML, SCIMAttribute, SCIMAttributeMapping, SCIMAttributeType, SCIMAuthorization, SCIMConfig, SCIMResource, StaticWebsiteConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, TenantProviderConfig, UserAttributeKey, UserAttributeListKey, UserAttributeMap, UsernameFieldKey, ValueOperand, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, unauthenticatedTailorUser } from "../types-CPcmGK_X.mjs";
-import { FunctionOperation, GqlOperation, IncomingWebhookArgs, IncomingWebhookRequest, IncomingWebhookTrigger, Operation, RecordCreatedArgs, RecordDeletedArgs, RecordTrigger, RecordUpdatedArgs, ResolverExecutedArgs, ResolverExecutedTrigger, ScheduleTrigger, Trigger, WebhookOperation, createExecutor, createResolver, incomingWebhookTrigger, infer, output, recordCreatedTrigger, recordDeletedTrigger, recordUpdatedTrigger, resolverExecutedTrigger, scheduleTrigger, t } from "../index-DHpKRtq3.mjs";
-export { AuthConfig, AuthServiceInput, BuiltinIdP, ExecutorServiceConfig, ExecutorServiceInput, FunctionOperation, GqlOperation, IDToken, IdPConfig, IdProviderConfig, IncomingWebhookArgs, IncomingWebhookRequest, IncomingWebhookTrigger, OAuth2Client, OAuth2ClientGrantType, OIDC, Operation, PermissionCondition, QueryType, RecordCreatedArgs, RecordDeletedArgs, RecordTrigger, RecordUpdatedArgs, Resolver, ResolverExecutedArgs, ResolverExecutedTrigger, ResolverServiceConfig, ResolverServiceInput, SAML, SCIMAttribute, SCIMAttributeMapping, SCIMAttributeType, SCIMAuthorization, SCIMConfig, SCIMResource, ScheduleTrigger, StaticWebsiteConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, TenantProviderConfig, Trigger, UserAttributeKey, UserAttributeListKey, UserAttributeMap, UsernameFieldKey, ValueOperand, WebhookOperation, createExecutor, createResolver, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, incomingWebhookTrigger, infer, output, recordCreatedTrigger, recordDeletedTrigger, recordUpdatedTrigger, resolverExecutedTrigger, scheduleTrigger, t, unauthenticatedTailorUser };
+import { AuthConfig, AuthExternalConfig, AuthOwnConfig, AuthServiceInput, BuiltinIdP, ExecutorServiceConfig, ExecutorServiceInput, IDToken, IdPConfig, IdPExternalConfig, IdProviderConfig, OAuth2Client, OAuth2ClientGrantType, OIDC, PermissionCondition, QueryType, Resolver, ResolverExternalConfig, ResolverServiceConfig, ResolverServiceInput, SAML, SCIMAttribute, SCIMAttributeMapping, SCIMAttributeType, SCIMAuthorization, SCIMConfig, SCIMResource, StaticWebsiteConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, TenantProviderConfig, UserAttributeKey, UserAttributeListKey, UserAttributeMap, UsernameFieldKey, ValueOperand, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, unauthenticatedTailorUser } from "../types-Dyhfh5b6.mjs";
+import { FunctionOperation, GqlOperation, IncomingWebhookArgs, IncomingWebhookRequest, IncomingWebhookTrigger, Operation, RecordCreatedArgs, RecordDeletedArgs, RecordTrigger, RecordUpdatedArgs, ResolverExecutedArgs, ResolverExecutedTrigger, ScheduleTrigger, Trigger, WebhookOperation, createExecutor, createResolver, incomingWebhookTrigger, infer, output, recordCreatedTrigger, recordDeletedTrigger, recordUpdatedTrigger, resolverExecutedTrigger, scheduleTrigger, t } from "../index-DyBFt3bp.mjs";
+export { AuthConfig, AuthExternalConfig, AuthOwnConfig, AuthServiceInput, BuiltinIdP, ExecutorServiceConfig, ExecutorServiceInput, FunctionOperation, GqlOperation, IDToken, IdPConfig, IdPExternalConfig, IdProviderConfig, IncomingWebhookArgs, IncomingWebhookRequest, IncomingWebhookTrigger, OAuth2Client, OAuth2ClientGrantType, OIDC, Operation, PermissionCondition, QueryType, RecordCreatedArgs, RecordDeletedArgs, RecordTrigger, RecordUpdatedArgs, Resolver, ResolverExecutedArgs, ResolverExecutedTrigger, ResolverExternalConfig, ResolverServiceConfig, ResolverServiceInput, SAML, SCIMAttribute, SCIMAttributeMapping, SCIMAttributeType, SCIMAuthorization, SCIMConfig, SCIMResource, ScheduleTrigger, StaticWebsiteConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, TenantProviderConfig, Trigger, UserAttributeKey, UserAttributeListKey, UserAttributeMap, UsernameFieldKey, ValueOperand, WebhookOperation, createExecutor, createResolver, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, incomingWebhookTrigger, infer, output, recordCreatedTrigger, recordDeletedTrigger, recordUpdatedTrigger, resolverExecutedTrigger, scheduleTrigger, t, unauthenticatedTailorUser };

package/dist/{index-DHpKRtq3.d.mts → index-DyBFt3bp.d.mts}

@@ -1,14 +1,25 @@
 /// <reference path="./plugin-generated.d.ts" />
 
-import { AllowedValues, AllowedValuesOutput, ArrayFieldOutput, ExecutorInput, FieldMetadata, FieldOptions, FieldOutput, FunctionOperation, GqlOperation, IncomingWebhookTrigger as IncomingWebhookTrigger$1, InferFieldsOutput, RecordTrigger as RecordTrigger$1, ResolverExecutedTrigger as ResolverExecutedTrigger$1, ResolverInput, ScheduleTriggerInput, TailorDBType, TailorField, TailorUser, WebhookOperation, output as output$1 } from "./types-CPcmGK_X.mjs";
+import { AllowedValues, AllowedValuesOutput, ArrayFieldOutput, ExecutorInput, FieldMetadata, FieldOptions, FieldOutput, FunctionOperation, GqlOperation, IncomingWebhookTrigger as IncomingWebhookTrigger$1, InferFieldsOutput, RecordTrigger as RecordTrigger$1, ResolverExecutedTrigger as ResolverExecutedTrigger$1, ResolverInput, ScheduleTriggerInput, TailorDBType, TailorField, TailorUser, WebhookOperation, output as output$1 } from "./types-Dyhfh5b6.mjs";
 import { EmptyObject } from "type-fest";
 import { Client } from "@urql/core";
 import { StandardCRON } from "ts-cron-validator";
 
+//#region src/configure/types/env.d.ts
+declare global {
+  namespace TailorSDK {
+    interface Env {}
+  }
+}
+type InferredEnv = keyof TailorSDK.Env extends never ? Record<string, string> : TailorSDK.Env;
+/** Represents environment variables in the Tailor platform. */
+type TailorEnv = InferredEnv;
+//#endregion
 //#region src/configure/services/resolver/resolver.d.ts
 type Context<Input extends Record<string, TailorField<any>> | undefined> = {
   input: Input extends Record<string, TailorField<any>> ? InferFieldsOutput<Input> : never;
   user: TailorUser;
+  env: TailorEnv;
 };
 type OutputType<O> = O extends TailorField<any> ? output$1<O> : O extends Record<string, TailorField<any>> ? InferFieldsOutput<O> : never;
 declare function createResolver<Input extends Record<string, TailorField<any>> | undefined = undefined, Output extends TailorField<any> | Record<string, TailorField<any>> = TailorField<any>>(config: Omit<ResolverInput, "input" | "output" | "body"> & Readonly<{
@@ -30,7 +41,9 @@ type ResolverConfig = ReturnType<typeof createResolver<any, any>>;
 //#endregion
 //#region src/configure/services/executor/operation.d.ts
 type FunctionOperation$1<Args> = Omit<FunctionOperation, "body"> & {
-  body: (args: Args) => void | Promise<void>;
+  body: (args: Args & {
+    env: TailorEnv;
+  }) => void | Promise<void>;
 };
 type UrqlOperationArgs = Parameters<Client["query"] | Client["mutation"]>;
 type GqlOperation$1<Args> = Omit<GqlOperation, "query" | "variables"> & {

package/dist/{token-DwKmpi9i.mjs → token-LAqSDm3f.mjs}

@@ -156,7 +156,7 @@ const FunctionOperationSchema = z.object({
 });
 const GqlOperationSchema = z.object({
 	kind: z.literal("graphql"),
-	appName: z.string(),
+	appName: z.string().optional(),
 	query: z.string(),
 	variables: functionSchema.optional(),
 	invoker: InvokerSchema.optional()
@@ -467,9 +467,11 @@ var Application = class {
 	_subgraphs = [];
 	_executorService = void 0;
 	_staticWebsiteServices = [];
+	_env = {};
 	constructor(name, config) {
 		this.name = name;
 		this.config = config;
+		this._env = config.env || {};
 	}
 	addSubgraph(type, name) {
 		this._subgraphs.push({
@@ -498,40 +500,50 @@ var Application = class {
 	get staticWebsiteServices() {
 		return this._staticWebsiteServices;
 	}
+	get env() {
+		return this._env;
+	}
 	get applications() {
 		return [this];
 	}
 	defineTailorDB(config) {
 		if (!config) return;
 		for (const [namespace, serviceConfig] of Object.entries(config)) {
-			const tailorDB = new TailorDBService(namespace, serviceConfig);
-			this._tailorDBServices.push(tailorDB);
-			this.addSubgraph("tailordb", tailorDB.namespace);
+			if (!("external" in serviceConfig)) {
+				const tailorDB = new TailorDBService(namespace, serviceConfig);
+				this._tailorDBServices.push(tailorDB);
+			}
+			this.addSubgraph("tailordb", namespace);
 		}
 	}
 	defineResolver(config) {
 		if (!config) return;
 		for (const [namespace, serviceConfig] of Object.entries(config)) {
-			const resolverService = new ResolverService(namespace, serviceConfig);
-			this._resolverServices.push(resolverService);
-			this.addSubgraph("pipeline", resolverService.namespace);
+			if (!("external" in serviceConfig)) {
+				const resolverService = new ResolverService(namespace, serviceConfig);
+				this._resolverServices.push(resolverService);
+			}
+			this.addSubgraph("pipeline", namespace);
 		}
 	}
 	defineIdp(config) {
+		if (!config) return;
 		const idpNames = /* @__PURE__ */ new Set();
-		(config ?? []).forEach((idpConfig) => {
-			const idp = IdPSchema.parse(idpConfig);
-			if (idpNames.has(idp.name)) throw new Error(`IdP with name "${idp.name}" already defined.`);
-			idpNames.add(idp.name);
-			this._idpServices.push(idp);
-			this.addSubgraph("idp", idp.name);
+		config.forEach((idpConfig) => {
+			const name = idpConfig.name;
+			if (idpNames.has(name)) throw new Error(`IdP with name "${name}" already defined.`);
+			idpNames.add(name);
+			if (!("external" in idpConfig)) {
+				const idp = IdPSchema.parse(idpConfig);
+				this._idpServices.push(idp);
+			}
+			this.addSubgraph("idp", name);
 		});
 	}
 	defineAuth(config) {
 		if (!config) return;
-		const authService = new AuthService(config, this.tailorDBServices);
-		this._authService = authService;
-		this.addSubgraph("auth", authService.config.name);
+		if (!("external" in config)) this._authService = new AuthService(config, this.tailorDBServices);
+		this.addSubgraph("auth", config.name);
 	}
 	defineExecutor(config) {
 		if (!config) return;
@@ -1579,15 +1591,23 @@ async function loadConfig(configPath) {
 function extractAttributesFromConfig(config) {
 	return collectAttributesFromConfig(config);
 }
-function generateTypeDefinition(attributeMap, attributeList) {
+function generateTypeDefinition(attributeMap, attributeList, env) {
 	const mapFields = attributeMap ? Object.entries(attributeMap).map(([key, value]) => `      ${key}: ${value};`).join("\n") : "";
 	const mapBody = !attributeMap || Object.keys(attributeMap).length === 0 ? "{}" : `{
 ${mapFields}
     }`;
 	const listBody = `{
       __tuple?: ${attributeList ? `[${attributeList.map(() => "string").join(", ")}]` : "[]"};
+    }`;
+	const envFields = env ? Object.entries(env).map(([key, value]) => {
+		const valueType = typeof value === "string" ? `"${value}"` : String(value);
+		return `      ${key}: ${valueType};`;
+	}).join("\n") : "";
+	const envBody = !env || Object.keys(env).length === 0 ? "{}" : `{
+${envFields}
     }`;
 	return ml`
+/* eslint-disable @typescript-eslint/no-empty-object-type */
 // This file is auto-generated by @tailor-platform/sdk
 // Do not edit this file manually
 // Regenerated automatically when running 'tailor-sdk apply' or 'tailor-sdk generate'
@@ -1596,6 +1616,7 @@ declare global {
   namespace TailorSDK {
     interface AttributeMap ${mapBody}
     interface AttributeList ${listBody}
+    interface Env ${envBody}
   }
 }
 
@@ -1632,6 +1653,8 @@ function collectAttributesFromConfig(config) {
 	return {};
 }
 function resolveTypeDefinitionPath(configPath) {
+	const typePath = process.env.TAILOR_PLATFORM_SDK_TYPE_PATH;
+	if (typePath) return path.resolve(process.cwd(), typePath);
 	const configDir = path.dirname(path.resolve(configPath));
 	const packageDir = resolvePackageDirectory(configDir);
 	if (!packageDir) return path.join(configDir, "node_modules", "@tailor-platform", "sdk", "dist", "plugin-generated.d.ts");
@@ -1640,13 +1663,12 @@ function resolveTypeDefinitionPath(configPath) {
 async function generateUserTypes(config, configPath) {
 	try {
 		const { attributeMap, attributeList } = extractAttributesFromConfig(config);
-		if (!attributeMap && !attributeList) {
-			console.log(styleText("cyan", "No attributes found in configuration"));
-			return;
-		}
+		if (!attributeMap && !attributeList) console.log(styleText("cyan", "No attributes found in configuration"));
 		if (attributeMap) console.log("Extracted AttributeMap:", attributeMap);
 		if (attributeList) console.log("Extracted AttributeList:", attributeList);
-		const typeDefContent = generateTypeDefinition(attributeMap, attributeList);
+		const env = config.env;
+		if (env) console.log("Extracted Env:", env);
+		const typeDefContent = generateTypeDefinition(attributeMap, attributeList, env);
 		const outputPath = resolveTypeDefinitionPath(configPath);
 		fs.mkdirSync(path.dirname(outputPath), { recursive: true });
 		fs.writeFileSync(outputPath, typeDefContent);
@@ -2633,6 +2655,22 @@ async function planApplication({ client, workspaceId, application }) {
 		authNamespace = application.authService.config.name;
 		const idProvider = application.authService.config.idProvider;
 		if (idProvider) authIdpConfigName = idProvider.name;
+	} else if (application.config.auth) {
+		authNamespace = application.config.auth.name;
+		const idpConfigs = await fetchAll(async (pageToken) => {
+			try {
+				const { idpConfigs: idpConfigs$1, nextPageToken } = await client.listAuthIDPConfigs({
+					workspaceId,
+					namespaceName: authNamespace,
+					pageToken
+				});
+				return [idpConfigs$1, nextPageToken];
+			} catch (error) {
+				if (error instanceof ConnectError && error.code === Code.NotFound) return [[], ""];
+				throw error;
+			}
+		});
+		if (idpConfigs.length > 0) authIdpConfigName = idpConfigs[0].name;
 	}
 	const metaRequest = await buildMetaRequest(trn$6(workspaceId, application.name), application.name);
 	if (existingApplications.some((app) => app.name === application.name)) changeSet.updates.push({
@@ -3811,6 +3849,25 @@ async function confirmUnmanagedResources(resources, appName, yes) {
       To override, run again and confirm, or use --yes flag.
     `);
 }
+async function confirmImportantResourceDeletion(resources, yes) {
+	if (resources.length === 0) return;
+	consola.warn("The following resources will be deleted:");
+	console.log(`  ${chalk.cyan("Resources")}:`);
+	for (const r of resources) console.log(`    • ${chalk.bold(r.resourceType)} ${chalk.red(`"${r.resourceName}"`)}`);
+	console.log("");
+	console.log(chalk.yellow("  Deleting these resources will permanently remove all associated data."));
+	if (yes) {
+		consola.success("Deleting resources (--yes flag specified)...");
+		return;
+	}
+	if (!await consola.prompt("Are you sure you want to delete these resources?", {
+		type: "confirm",
+		initial: false
+	})) throw new Error(ml`
+      Apply cancelled. Resources will not be deleted.
+      To override, run again and confirm, or use --yes flag.
+    `);
+}
 
 //#endregion
 //#region src/cli/apply/services/executor.ts
@@ -3871,7 +3928,7 @@ async function planExecutor({ client, workspaceId, application }) {
 				name: executor.name,
 				request: {
 					workspaceId,
-					executor: protoExecutor(executor)
+					executor: protoExecutor(application.name, executor, application.env)
 				},
 				metaRequest
 			});
@@ -3880,7 +3937,7 @@ async function planExecutor({ client, workspaceId, application }) {
 			name: executor.name,
 			request: {
 				workspaceId,
-				executor: protoExecutor(executor)
+				executor: protoExecutor(application.name, executor, application.env)
 			},
 			metaRequest
 		});
@@ -3904,7 +3961,7 @@ async function planExecutor({ client, workspaceId, application }) {
 		resourceOwners
 	};
 }
-function protoExecutor(executor) {
+function protoExecutor(appName, executor, env) {
 	const trigger = executor.trigger;
 	let triggerType;
 	let triggerConfig;
@@ -3993,7 +4050,7 @@ function protoExecutor(executor) {
 			targetConfig = { config: {
 				case: "tailorGraphql",
 				value: {
-					appName: target.appName,
+					appName: target.appName ?? appName,
 					query: target.query,
 					variables: target.variables ? { expr: `(${target.variables.toString()})(args)` } : void 0,
 					invoker: target.invoker ? {
@@ -4014,7 +4071,7 @@ function protoExecutor(executor) {
 				value: {
 					name: `${executor.name}__target`,
 					script,
-					variables: { expr: "({ ...args, appNamespace: args.namespaceName })" },
+					variables: { expr: `({ ...args, appNamespace: args.namespaceName, env: ${JSON.stringify(env)} })` },
 					invoker: target.invoker ? {
 						namespace: target.invoker.authName,
 						machineUserName: target.invoker.machineUser
@@ -4097,7 +4154,7 @@ async function planPipeline({ client, workspaceId, application }) {
 	const executors = Object.values(await application.executorService?.loadExecutors() ?? {});
 	const { changeSet: serviceChangeSet, conflicts, unmanaged, resourceOwners } = await planServices$1(client, workspaceId, application.name, pipelines);
 	const deletedServices = serviceChangeSet.deletes.map((del) => del.name);
-	const resolverChangeSet = await planResolvers(client, workspaceId, pipelines, executors, deletedServices);
+	const resolverChangeSet = await planResolvers(client, workspaceId, pipelines, executors, deletedServices, application.env);
 	serviceChangeSet.print();
 	resolverChangeSet.print();
 	return {
@@ -4188,7 +4245,7 @@ async function planServices$1(client, workspaceId, appName, pipelines) {
 		resourceOwners
 	};
 }
-async function planResolvers(client, workspaceId, pipelines, executors, deletedServices) {
+async function planResolvers(client, workspaceId, pipelines, executors, deletedServices, env) {
 	const changeSet = new ChangeSet("Pipeline resolvers");
 	const fetchResolvers = (namespaceName) => {
 		return fetchAll(async (pageToken) => {
@@ -4219,7 +4276,7 @@ async function planResolvers(client, workspaceId, pipelines, executors, deletedS
 				request: {
 					workspaceId,
 					namespaceName: pipeline.namespace,
-					pipelineResolver: processResolver(resolver, executorUsedResolvers)
+					pipelineResolver: processResolver(resolver, executorUsedResolvers, env)
 				}
 			});
 			existingNameSet.delete(resolver.name);
@@ -4228,7 +4285,7 @@ async function planResolvers(client, workspaceId, pipelines, executors, deletedS
 			request: {
 				workspaceId,
 				namespaceName: pipeline.namespace,
-				pipelineResolver: processResolver(resolver, executorUsedResolvers)
+				pipelineResolver: processResolver(resolver, executorUsedResolvers, env)
 			}
 		});
 		existingNameSet.forEach((name) => {
@@ -4254,7 +4311,7 @@ async function planResolvers(client, workspaceId, pipelines, executors, deletedS
 	});
 	return changeSet;
 }
-function processResolver(resolver, executorUsedResolvers) {
+function processResolver(resolver, executorUsedResolvers, env) {
 	const functionPath = path.join(getDistDir(), "functions", `${resolver.name}__body.js`);
 	let functionCode = "";
 	try {
@@ -4268,7 +4325,7 @@ function processResolver(resolver, executorUsedResolvers) {
 		description: `${resolver.name} function body`,
 		operationType: PipelineResolver_OperationType.FUNCTION,
 		operationSource: functionCode,
-		operationHook: { expr: `({ ...context.pipeline, input: context.args, user: ${tailorUserMap} });` },
+		operationHook: { expr: `({ ...context.pipeline, input: context.args, user: ${tailorUserMap}, env: ${JSON.stringify(env)} });` },
 		postScript: `args.body`
 	}];
 	const typeBaseName = inflection.camelize(resolver.name);
@@ -5012,6 +5069,7 @@ async function apply(options) {
 		...pipeline.conflicts,
 		...executor.conflicts
 	];
+	await confirmOwnerConflict(allConflicts, application.name, yes);
 	const allUnmanaged = [
 		...tailorDB.unmanaged,
 		...staticWebsite.unmanaged,
@@ -5020,8 +5078,17 @@ async function apply(options) {
 		...pipeline.unmanaged,
 		...executor.unmanaged
 	];
-	await confirmOwnerConflict(allConflicts, application.name, yes);
 	await confirmUnmanagedResources(allUnmanaged, application.name, yes);
+	const importantDeletions = [];
+	for (const del of tailorDB.changeSet.type.deletes) importantDeletions.push({
+		resourceType: "TailorDB type",
+		resourceName: del.name
+	});
+	for (const del of staticWebsite.changeSet.deletes) importantDeletions.push({
+		resourceType: "StaticWebsite",
+		resourceName: del.name
+	});
+	await confirmImportantResourceDeletion(importantDeletions, yes);
 	const resourceOwners = new Set([
 		...tailorDB.resourceOwners,
 		...staticWebsite.resourceOwners,

package/dist/{types-CPcmGK_X.d.mts → types-Dyhfh5b6.d.mts}

@@ -1,11 +1,11 @@
 /// <reference path="./plugin-generated.d.ts" />
 
-import * as zod34 from "zod";
+import * as zod0 from "zod";
 import { z } from "zod";
 import { StandardSchemaV1 } from "@standard-schema/spec";
 import * as type_fest0 from "type-fest";
 import { IsAny, NonEmptyObject } from "type-fest";
-import * as zod_v4_core50 from "zod/v4/core";
+import * as zod_v4_core0 from "zod/v4/core";
 
 //#region src/configure/types/helpers.d.ts
 type Prettify<T> = { [K in keyof T as string extends K ? never : K]: T[K] } & {};
@@ -617,7 +617,12 @@ declare function defineAuth<const Name extends string, const User extends Tailor
   readonly scim?: SCIMConfig;
   readonly tenantProvider?: TenantProviderConfig;
 } & AuthDefinitionBrand;
-type AuthConfig = ReturnType<typeof defineAuth<string, any, any, any, string>>;
+type AuthExternalConfig = {
+  name: string;
+  external: true;
+};
+type AuthOwnConfig = ReturnType<typeof defineAuth<string, any, any, any, string>>;
+type AuthConfig = AuthOwnConfig | AuthExternalConfig;
 //#endregion
 //#region src/configure/services/tailordb/permission.d.ts
 interface Permissions {
@@ -758,8 +763,11 @@ type TailorDBServiceConfig = {
   files: string[];
   ignores?: string[];
 };
+type TailorDBExternalConfig = {
+  external: true;
+};
 type TailorDBServiceInput = {
-  [namespace: string]: TailorDBServiceConfig;
+  [namespace: string]: TailorDBServiceConfig | TailorDBExternalConfig;
 };
 type IndexDef<T extends {
   fields: Record<PropertyKey, unknown>;
@@ -1103,8 +1111,11 @@ type ResolverServiceConfig = {
   files: string[];
   ignores?: string[];
 };
+type ResolverExternalConfig = {
+  external: true;
+};
 type ResolverServiceInput = {
-  [namespace: string]: ResolverServiceConfig;
+  [namespace: string]: ResolverServiceConfig | ResolverExternalConfig;
 };
 //#endregion
 //#region src/parser/service/idp/schema.d.ts
@@ -1139,7 +1150,11 @@ declare function defineIdp<const TClients extends string[]>(name: string, config
   };
   readonly clients: TClients;
 } & IdpDefinitionBrand;
-type IdPConfig = Omit<ReturnType<typeof defineIdp>, "provider">;
+type IdPExternalConfig = {
+  name: string;
+  external: true;
+};
+type IdPConfig = Omit<ReturnType<typeof defineIdp>, "provider"> | IdPExternalConfig;
 //#endregion
 //#region src/parser/service/staticwebsite/schema.d.ts
 declare const StaticWebsiteSchema: z.core.$ZodBranded<z.ZodObject<{
@@ -1252,8 +1267,9 @@ type GeneratorConfig = z.input<typeof BaseGeneratorConfigSchema>;
 type CodeGeneratorBase = z.output<typeof CodeGeneratorSchema>;
 //#endregion
 //#region src/configure/config.d.ts
-interface AppConfig<Auth extends AuthConfig = AuthConfig, Idp extends IdPConfig[] = IdPConfig[], StaticWebsites extends StaticWebsiteConfig[] = StaticWebsiteConfig[]> {
+interface AppConfig<Auth extends AuthConfig = AuthConfig, Idp extends IdPConfig[] = IdPConfig[], StaticWebsites extends StaticWebsiteConfig[] = StaticWebsiteConfig[], Env extends Record<string, string | number | boolean> = Record<string, string | number | boolean>> {
   name: string;
+  env?: Env;
   cors?: string[];
   allowedIPAddresses?: string[];
   disableIntrospection?: boolean;
@@ -1277,12 +1293,12 @@ declare function defineGenerators(...configs: GeneratorConfig[]): (["@tailor-pla
 }] | {
   id: string;
   description: string;
-  processType: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut>;
-  processResolver: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut>;
-  processExecutor: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut>;
-  aggregate: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod34.ZodAny>;
-  processTailorDBNamespace?: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut> | undefined;
-  processResolverNamespace?: zod_v4_core50.$InferInnerFunctionType<zod_v4_core50.$ZodFunctionArgs, zod_v4_core50.$ZodFunctionOut> | undefined;
+  processType: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut>;
+  processResolver: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut>;
+  processExecutor: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut>;
+  aggregate: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod0.ZodAny>;
+  processTailorDBNamespace?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
+  processResolverNamespace?: zod_v4_core0.$InferInnerFunctionType<zod_v4_core0.$ZodFunctionArgs, zod_v4_core0.$ZodFunctionOut> | undefined;
 })[];
 //#endregion
 //#region src/parser/service/executor/schema.d.ts
@@ -1321,7 +1337,7 @@ declare const FunctionOperationSchema: z.ZodObject<{
 }, z.core.$strip>;
 declare const GqlOperationSchema: z.ZodObject<{
   kind: z.ZodLiteral<"graphql">;
-  appName: z.ZodString;
+  appName: z.ZodOptional<z.ZodString>;
   query: z.ZodString;
   variables: z.ZodOptional<z.ZodCustom<Function, Function>>;
   invoker: z.ZodOptional<z.ZodObject<{
@@ -1373,7 +1389,7 @@ declare const ExecutorSchema: z.ZodObject<{
     }, z.core.$strip>>;
   }, z.core.$strip>, z.ZodObject<{
     kind: z.ZodLiteral<"graphql">;
-    appName: z.ZodString;
+    appName: z.ZodOptional<z.ZodString>;
     query: z.ZodString;
     variables: z.ZodOptional<z.ZodCustom<Function, Function>>;
     invoker: z.ZodOptional<z.ZodObject<{
@@ -1402,4 +1418,4 @@ type WebhookOperation = z.infer<typeof WebhookOperationSchema>;
 type Executor = z.infer<typeof ExecutorSchema>;
 type ExecutorInput = z.input<typeof ExecutorSchema>;
 //#endregion
-export { AllowedValues, AllowedValuesOutput, AppConfig, ArrayFieldOutput, AuthConfig, type AuthServiceInput, type BuiltinIdP, CodeGeneratorBase, Executor, ExecutorInput, ExecutorServiceConfig, ExecutorServiceInput, FieldMetadata, FieldOptions, FieldOutput, FunctionOperation, Generator, GqlOperation, type IDToken, IdPConfig, type IdProviderConfig, IncomingWebhookTrigger, InferFieldsOutput, type OAuth2Client, type OAuth2ClientGrantType, type OIDC, PermissionCondition, QueryType, RecordTrigger, Resolver, ResolverExecutedTrigger, ResolverInput, ResolverServiceConfig, ResolverServiceInput, type SAML, type SCIMAttribute, type SCIMAttributeMapping, type SCIMAttributeType, type SCIMAuthorization, type SCIMConfig, type SCIMResource, ScheduleTriggerInput, StaticWebsiteConfig, TailorDBType, TailorDBTypeConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, type TenantProviderConfig, type UserAttributeKey, type UserAttributeListKey, type UserAttributeMap, type UsernameFieldKey, type ValueOperand, WebhookOperation, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, output, unauthenticatedTailorUser };
+export { AllowedValues, AllowedValuesOutput, AppConfig, ArrayFieldOutput, AuthConfig, AuthExternalConfig, AuthOwnConfig, type AuthServiceInput, type BuiltinIdP, CodeGeneratorBase, Executor, ExecutorInput, ExecutorServiceConfig, ExecutorServiceInput, FieldMetadata, FieldOptions, FieldOutput, FunctionOperation, Generator, GqlOperation, type IDToken, IdPConfig, IdPExternalConfig, type IdProviderConfig, IncomingWebhookTrigger, InferFieldsOutput, type OAuth2Client, type OAuth2ClientGrantType, type OIDC, PermissionCondition, QueryType, RecordTrigger, Resolver, ResolverExecutedTrigger, ResolverExternalConfig, ResolverInput, ResolverServiceConfig, ResolverServiceInput, type SAML, type SCIMAttribute, type SCIMAttributeMapping, type SCIMAttributeType, type SCIMAuthorization, type SCIMConfig, type SCIMResource, ScheduleTriggerInput, StaticWebsiteConfig, TailorDBType, TailorDBTypeConfig, TailorField, TailorTypeGqlPermission, TailorTypePermission, TailorUser, type TenantProviderConfig, type UserAttributeKey, type UserAttributeListKey, type UserAttributeMap, type UsernameFieldKey, type ValueOperand, WebhookOperation, db, defineAuth, defineConfig, defineGenerators, defineIdp, defineStaticWebSite, output, unauthenticatedTailorUser };

package/dist/utils/test/index.d.mts

@@ -1,7 +1,7 @@
 /// <reference path="./../../plugin-generated.d.ts" />
 
-import { TailorDBType, TailorField, TailorUser } from "../../types-CPcmGK_X.mjs";
-import { output } from "../../index-DHpKRtq3.mjs";
+import { TailorDBType, TailorField, TailorUser } from "../../types-Dyhfh5b6.mjs";
+import { output } from "../../index-DyBFt3bp.mjs";
 import { StandardSchemaV1 } from "@standard-schema/spec";
 
 //#region src/utils/test/index.d.ts

package/docs/configuration.md

@@ -130,3 +130,34 @@ export default defineConfig({
 **description**: Description of the site.
 
 **allowedIPAddresses**: List of IP addresses allowed to access the site in CIDR format.
+
+### Environment Variables
+
+Define environment variables that can be accessed in resolvers and executors:
+
+```typescript
+export default defineConfig({
+  name: "my-app",
+  env: {
+    foo: 1,
+    bar: "hello",
+    baz: true,
+  },
+});
+```
+
+```typescript
+// In resolvers
+body: ({ input, env }) => {
+  return {
+    result: input.multiplier * env.foo,
+    message: env.bar,
+    enabled: env.baz,
+  };
+};
+
+// In executors
+body: ({ newRecord, env }) => {
+  console.log(`Environment: ${env.bar}, User: ${newRecord.name}`);
+};
+```

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tailor-platform/sdk",
-  "version": "0.9.0",
+  "version": "0.10.1",
   "description": "Tailor Platform SDK - The SDK to work with Tailor Platform",
   "license": "MIT",
   "main": "./dist/configure/index.mjs",